DE102008008357A1 - Method and system for determining reliability parameters of a technical installation - Google Patents

Abstract

A method calculating reliability parameters of a technical installation is provided. The reliability parameters are calculated using a modified Markov minimum cut method in which probabilities of a plurality of components failing on account of a common cause and the property of a component or subassembly with self-diagnosis are concomitantly included in the calculation of the reliability parameters. The input parameters for the calculation model are determined from messages and/or subsystems in the technical installation or from the overall installation. The failure and repair rates calculated may be used to predict the reliability, availability, maintainability and safety of the technical installation.

Description

The The invention relates to a method and system for determining reliability parameters a technical facility.

The Development and operation of modern technical systems are without appropriate reliability analysis unthinkable. To the quantitative statements regarding the reliability to be able to meet a technical system, these days are becoming diverse Methods of reliability calculation used. It comes mostly the method of Markov minimal cuts used.

The Method of Markov minimal cuts is a combination of Procedure of the Markov processes and the minimum cutting procedure. A minimal cut method is a special method of determination the reliability a system or components that looks at component failure conditions, which lead to the failure of the system.

One Markov process consists of Markov states (component or system states) and draws characterized by the property that the future evolution of the condition at a given time regardless of the past the process is. State changes - or transitions are through constant transition rates characterized.

The basic idea of the procedure of the Markov processes is illustrated by an example. A single viewing unit A that is being put into operation should sequentially assume two states, namely state Z1: device intact, and state Z2: device failed. The failure rate of A is λ and assumed to be constant. We are looking for the probabilities that the observation unit A will be in state Z1 or state Z2 at any time t. The temporal change of the probabilities of the states Z1 and Z2 can be calculated by the following equation system:

Where: P ₁ (t) = probability that the observation unit A is in state Z1 (= intact) at time t.

P ₂ (t) = probability that the observation unit A is in state Z2 (= failed) at time t. λ denotes the failure rate and μ denotes the repair rate of the observation unit A.

wird auch als Übergangsmatrix bezeichnet. Zu beachten ist, dass die Summe der Elemente in jeder Spalte verschwindet.λ and μ are also referred to as transition rates, because the states Z1 (unit intact) and Z2 (unit failed) of A merge into each other due to λ and μ. Equation (1) can also be represented in the form of a matrix notation. The matrix that emerges from the above system of equations

is also called a transition matrix. Note that the sum of elements in each column disappears.

The equation system (1) can also be illustrated by a state diagram or a state graph. 1 shows as circular symbols the possible states Z1 and Z2 of the viewing unit A, which is shown here as a single circuit element. The state transitions which are possible within an interval [t, t + Δt] are indicated by arrows with the associated transition rates λ and μ multiplied by the time interval Δt.

To apply a reliability assessment technique to a technical asset, this must be either a logical structure in the form of a functional structure, a design plan, or reliability block diagrams (ZBD), and this structure must then be analyzed. A reliability block diagram is an event diagram that answers the question of which components need to work to perform the required function (which makes these components vital to the function) and which components should fail (because they are redundant, for example) are). In a reliability block diagram, the elements required to perform the function (subsystems, assemblies or components) are linked serially. The elements that can fail because they are redundant, for example, are linked in parallel. A reliability block diagram can therefore show great differences from a circuit diagram of components. A parallel circuit of a coil and a capacitor, for example, is represented in the sense of reliability in the reliability block diagram as a series circuit. Therefore, a reliability block diagram of a technical system must always be developed with the help of experts or expert knowledge. A reliability block diagram is not the only method for reliability analysis. A reliability model of a technical system can also be represented in the form of an error or event tree and a state graph.

at the analysis of a reliability block diagram of a system one uses the so-called top down lineup, at the hierarchical representation of a complex technical system, this first in subsystems, subsequently in assemblies and finally is dissected into individual components. In the top-down lineup is always at the highest Decomposition level started. For each deeper level is formulated the corresponding required function and set up the appropriate state block diagram. this happens to the lowest level, where the reliability information for each individual Component like failure rate λ and Repair rate μ duck are known.

To Establishment of the reliability model as here by means of a state block diagram, in a next step the reliability calculation carried out. Here, so-called cuts are determined by the system. Under A cut is a combination of component failure states that lead to failure of the system. A minimal cut is a combination of component failure conditions that for the System failure via This cut is necessary and sufficient. In a minimal cut leads the Start of operation or repair of any component contained in it Cancellation of the cut, d. H. the system works again.

to Determination of a minimum section by a system with a number of components, for example, within a reliability block diagram all combinations of component failures checked for supply interruption between the input and the output. The logical AND connection the component failure conditions is called a cut or minimal cut. According to the Number of logical AND-linked Component failure states in a minimal section one distinguishes between minimal sections of different order. A system failure will occur if at least one of the existing minimal cuts occurs. The minimal cuts within a system are usually based on expert knowledge or by means of a so-called failure effect analysis or FMEA (Failure Mode and Effect Analysis). The Theory says that for the reliability calculation only the minimum cuts at most 3rd order of importance.

In Systems with stochastic-dependent Components can be assumed to be the minimum cuts lowest order reliability of the system. This means that the minimal cuts over a Markov process independent can be modeled and calculated from each other.

To determine the reliability parameters of a technical installation according to the classical Markov method of minimal sections, let us now give an example:
Consider the example of the reliability block diagram 2 , It represents a bridge circuit with the components A1 to A5 in the sense of the reliability model. The bridge circuit should be an overall system x. Through the overall system x, several minimum cuts can now be made. To determine the minimum cuts, the components A1 to A5 are allowed to fail in all combinations and checks whether the system fails. In 2 For example, a minimum cut of the second order is highlighted, which is highlighted by the black-filled switching symbols of the components A1 and A2. If components A1 and A2 fail, there is a failure of the overall system. MS1 = Al ∧ A2 is therefore a minimal cut, because the failure of both components is absolutely necessary for the system failure via this cut. In 2 are further possible minimum sections M2, M3 and M4 of the overall system x drawn. MS3 and MS4 are minimal cuts of the 3rd order.

For the reliability calculation, minimal section MS1 should now be considered as an example. Here, the corresponding reliability parameters λ1 of the failure rate and μ1 of the repair rate are subsequently determined for the component A1. Likewise, for component A2, the corresponding failure rate λ1 and repair rate μ2 are determined. The parameters can be taken from a table, for example. Everyone Value is specified within a confidence interval. As a rule, a normal distribution is assumed and a one-sided confidence interval of 95% is chosen.

Subsequently, it is determined which states the minimal section consisting of 2 components can assume. In this case, there are N = 4 states (Z1 = A1, A2 intact, Z2 = A1 intact, A2 failed, Z3 = A1 failed, A2 intact, Z4 = A1, A2 failed). By means of the known reliability parameters of the individual components λ1, λ2, μ1 and μ2, the transition matrix is then determined. In this transition matrix, all transition rates c _ik for the transition from state i to state k (k <= N) are indicated. By means of the transition matrix, a system of equations for the temporal changes of the probabilities of states 1 to 4 is derived. From the system of equations, the individual probabilities P1 (t), P2 (t), P3 (t) and P4 (t) are then determined so that the system is in state Z1, Z2, Z3 and Z4 at a time t. In this case, the probability P4 (t) represents the probability for the considered minimal section MS1 = A1 ∧ A2 of the overall system, because both components A1 and A2 have failed.

In order to determine a reliability statement for the overall system x, the probabilities of all existing minimal sections are added up. In the example considered this means:

Out Gig. 3, the failure rate for the entire system is thus derived. It can also be calculated the repair rate of the entire system.

In order to are for the overall system the reliability parameters λ (indication in 1 / h) and μ.

• – die mittlere Ausfallzeit = Mean Downtime MDT (Angabe in h)
• – der mittlerer Ausfallabstandswert = Mean Time between failures MTBF (Angabe in h) = Kehrwert der Ausfallrate

In addition, further reliability parameters can be determined from the failure rate, such as, for example

• - the average downtime = mean downtime MDT (specified in h)
• Mean time between failures MTBF (specified in h) = inverse of the failure rate

from that You can calculate the so-called RAM values. (RAM = "Reliability, Availability, Maintainability "= German reliability, Availability, Maintainability) Often are also statements regarding the technical safety of a Plant required, d. H. Safety, if a part or the whole has failed. One speaks in this case of so-called RAMS values. (S for Engl. "Safety") The safety aspect is quantitatively by means of the probability of failure PFD (English: "probability of failure on demand ") detected. RAMS values can Individual components and assemblies, but also assigned subsystems and entire systems become.

The reliability parameters The individual components are usually made from data sheets of the manufacturers or other manuals taken. These are standards for preliminary reliability analyzes of industrial products. Examples are the IEC standards 61708 and 61709 (IEC = "International Electro Technical Commission "), the Siemens standard SN 29500 or the US Department of Defense manual (Military Handbook) MIL-HDBK-217F. In the reliability calculation, the values based solely on these standards or manufacturers are therefore purely theoretical predictions or predictions.

alternative to this theoretical approach of the reliability prognosis according to manuals resp. Standards can the reliability parameters based on the unit under consideration (overall system or subsystem) on field data or during the operation of the unit under consideration in the field. As field data then, for example, failures that have occurred in the field, the Total amount of assembled assemblies, or more specific parameters Operating conditions recorded.

A comparison of a purely theoretical prediction with the values measured in the field leads to the conclusion that the theoretical prediction is too pessimistic, even if the confidence in the field is set at 90-95% (ie lower risk). It is basically because the RAM values of the individual components from the data sheets, standards or catalogs very often do not reflect the current state of the quality of the technology. Such inaccuracy in calculating the RAM values not only of individual components but as a consequence of an entire technical system could potentially be a major disadvantage in terms of competition, since the predictions thus obtained often make distribution a basis and security for their offers serve. However, in extremely safety-critical areas, such as in the nuclear field, the RAM values of the forecast have the highest requirements. The predicted RAM values should be as close to reality as possible in order to better estimate security risks.

It The object of the invention is an improved method and system for the determination of reliability parameters of a technical installation.

These Tasks are solved by the features of the independent claims. Advantageous embodiments are each in the dependent claims played.

in the Contrary to the prior art are according to the inventive method reliability parameters a technical installation by means of a modified method of Markov minimum incisions calculated at the failure probabilities of several components due to a common cause and the Diagnostic coverage of a component is taken into account become. In other words, this means that, on the one hand, the simultaneous one Failure of multiple components due to a stochastic event and second, the property of a component or assembly with self-diagnosis into the calculation of the reliability parameters. The calculation model receives Accordingly, not only the failure rates and repair rates of individual components or subsystems, but also newly determined transition rates for capture the newly considered Factors.

These Modification of the classical method of Markov minimal cuts allows a much more precise and more realistic Prediction of the so-called RAM values of a technical system. A according to the inventive method calculated failure rate of an entire system is consistent with a reliable statement near the field value, through which statements about safety are made can be. This ensures safe operation a technical facility, a significant increase in availability and also a process optimization. In particular, the calculation allows from predictions about the reliability of components and subsystems a preventive maintenance of a plant. Thus, it is possible to intervene directly in the technical process, if the determination of the failure rate of a component or probability of failure justified. Also can gross design flaws and weak points in terms of reliability already detected in the project planning phase.

The Calculation of reliability parameters can be advantageously integrated into a computer platform, the itself as independent Component with other systems or components of the technical Plant can communicate and interact. The method has a universal character and is thus advantageously applicable to any technical installation, independently whether it is a power plant, an airplane, a medical Plant or an industrial plant. In particular, it can also for a control system can be used, which consists of hardware components and software components is constructed. While usually statements on the topic reliability the software and hardware used in technical systems the HW reliability on the evaluation of returned goods support as well as SW reliability on error messages and runtimes or the calls of the considered SW modules, the inventive method follows a systematic and universal Approach of modeling and analysis with subsequent calculation the reliability parameter. Thus, system reliability statements for both Components of a technical system, ie for both hardware and software possible.

In an embodiment variant of the invention become the reliability parameters while the operation of the technical system, so to speak "online" for reliability calculation either temporarily connected to a control system or is permanent involved in the operation of the control system. This will be advantageous a higher one precision achieved since the most recent values for the determination of input parameters to disposal stand. Enable in the operating phase the precise RAM values the development of an optimal and cost effective maintenance strategy.

In a further embodiment correspond to the messages and / or data of individual components, Subsystems of the technical installation and the overall installation field values, the process-oriented from process control systems of the technical plant or won in the field. By means of the field values, the make the most realistic predictions. Furthermore, field data qualitative Judgments are derived.

In a further embodiment variant, after the calculation of a prediction, a subsequent check or verification of the determined failure rate takes place by comparison with the acquired field data. If the calculated reliability parameters are not within a predetermined interval, the reliability parameters are recalculated in further cycles, wherein adjustments are made in the model specifications used. In this case, the failure probabilities of several components can be verified as a result of a common cause and the diagnostic coverage of a component.

The Invention will now be described with reference to drawings embodiments explained in more detail. there demonstrate

1 a schematic representation of a state graph of a component A (prior art)

2 a schematic representation to illustrate the minimal sections within a state block diagram (prior art)

3 a schematic representation of a section consisting of two modules E1 and E2

4 a schematic representation of the ACoRAM system according to the invention for determining reliability parameters of a technical system

5 a flowchart illustrating an embodiment of the invention.

One Failure of two modules due to common cause ("common cause failure ", abbreviated CCF) will be according to the norm IEC 61508-4 as follows Defined: When there is a common cause failure It is a failure that is the result of one or more events is, the simultaneous failures of two or more separate channels in a multi-channel Cause system failure and system failure.

The Definition of a common failure, however, is in the sense to understand that a failure occurs within a time interval Δt. That's enough it if the second component during Repair of the first component fails. The failure of common Cause can also be as a limiting case of a consequential failure within a small time interval. It also applies that CCF does not depend solely on the failure rates of the individual components, but alone of the implementation of the technical system and its structure. CCF is further characterized by the operating conditions (intensity) and the Boundary conditions such as stress factors, temperature etc. determined and must be determined from the statistics. So z. B. high temperatures cause that two components fail at the same time. Also a high humidity or vibrations within the technical equipment are common causes for one simultaneous component failure. All these influences are common with the help of the standard IEC 61508-6 based on the standard Question catalogs and tables recorded in the CCF factor. In these norms Accordingly, quantitative evaluations of the CCF factor are in the form provided by statistical tables.

CCF is characterized quantitatively by the failure rate λ _CCF . It is approximately: λ CCF ≈ β · λ

At λ acts it is the failure rate of the considered component. β represents one Weighting factor. It corresponds to a table value from the IEC 61508-6 standard.

Next, consider the properties of a self-diagnostic component. According to the standard IEC 61511-1, the diagnostic coverage (DC) is defined as the proportion of the many conditions that have been determined by the execution of a diagnostic test Diagnostic tests can be automatic tests or triggered regularly by operator intervention according to a timetable For the statistical determination of the failure rate of such components, between detected or detected failures with λ _D and not detected or Undetected failures with λ _U distinguished.

Quantitatively, the diagnostic coverage or DC factor is recorded as follows:

n_D

= Anzahl der festgestellten Ausfälle und

n

= Gesamtanzahl der Ausfälle

With

n _D

= Number of detected failures and

n

= Total number of failures

It follows that: λ _D = DC · λ and λ _U = (1 - DC) · λ

The repair rates of a module with self-diagnosis are also divided into μ _D and μ _U.

in the Difference to CCF is the DC factor of the structure of a technical Systems independent and always refers to a single component or assembly.

The DC factor can also be used to distinguish between internal and external DC factors. While the internal DC factor DC _int itself characterizes the self-diagnosis of a component A, the case is detected with DC _ext when an external system or component B reports that component A is not working properly. It has been shown that the external DC factor for the statements of reliability has a much higher relevance than the internal DC factor DC _int .

To clarify the method according to the invention, a redundant repairable system consisting of two assemblies E1 and E2 with self-diagnosis is considered below. Such a system is in 3a shown. The assemblies are not considered identical.

It should be noted that each component with self-diagnosis has two types of failure: detected failures with the failure rate λ _D and undetected failures with the failure rate λ _U. In 3b is every component (in 3b dashed lines) symbolically replaced by two individual components to illustrate the different failure rates. The first assembly E1 is therefore characterized by the parameters λ _D1 , λ _U1 , μ _D1 , μ _U1 and the assembly E2 by the parameters λ _D2 , λ _U2 , μ _D2 , μ _U2 . Furthermore, each failure rate λ _D , λ _{U is} split again into an internal and external failure rate. To account for common failures and thus the CCF factor are in 3b the possible combinations of the respective components drawn, which can fail common. The weighting factors β ₁ , β ₂ , and β ₃ include these combination possibilities. All failure rates, repair rates, CCF factors and DC factors listed in this section form the input parameters for determining the transition matrix.

Considering the factors CCF and DC result from the state graph of the system 3b ten possible states for the entire system, which represents a section consisting of two components or assemblies here. From this, a state graph can be deduced, from which in turn the modified transition matrix of the individual states and the corresponding system of differential equations are derived. The transition matrix contains both the CCF factors and the DC factors. The state 10 means the probability of a cut occurring and thus a total failure of the system. In all remaining states, the system remains intact.

From the probability that state 10 occurs, therefore, the probability of failure for the entire system 3a calculated.

• • Es wird die Übergangsmatrix für jeden Schnitt berechnet.
• • Anschließend wird die Wahrscheinlichkeit für das Auftreten des betrachteten Schnitts berechnet.
• • Durch Addition aller Wahrscheinlichkeiten der der betrachteten Schnitte wird die Ausfallwahrscheinlichkeit für das Gesamtsystem berechnet und daraus die Ausfallrate und weitere RAM-Werte bzw. RAMS-Werte bestimmt.

If the entire system contains several sections, the procedure is analogous to the procedure described in the introduction.

• • The transition matrix is calculated for each section.
• • Then the probability of occurrence of the considered section is calculated.
• • By adding all the probabilities of the sections under consideration, the probability of failure for the entire system is calculated and from this the failure rate and further RAM values or RAMS values are determined.

In 4 a system for determining reliability parameters according to the method of the invention is shown. The ACoRAM system can be realized in the form of a software application. The application has a modular architecture in this embodiment and is based on the Microsoft .NET Framework. The individual modules COM, PA, RAM and GUI of the system ACoRAM support the DCOM technology and standardized protocols of data transfer.

The system ACoRAM comprises a first module COM, which is designed for communication with databases and other systems and components of the technical system. In the first place, that allows Module COM the cooperation of the system ACoRAM with external systems ExS. It is by means of standardized interfaces and protocols of data transfer, z. B. TCP / IP protocols access to external database, application or web server DBS, APPS and WEGS guaranteed. In 4 the symbol INT represents existing interfaces, drivers or communication means as a connection between the external systems and the system ACoRAM. Also a communication via radio with the corresponding foreign systems is conceivable. In a control system, the ACoRAM system could, for example, be connected to the existing bus system so that there is a direct connection to the process control and information system, the engineering system, the engineering system, the diagnostic system or the automation system. An integration into existing control systems is possible via a corresponding adaptation of the interfaces.

through of the communication module COM messages and / or data from the foreign system, for example, read the control system. This "raw data" in the form of plant information, process data, Error messages and measured values are then sent to a second module, the parser module, passed. The parser module allows syntactic analysis the messages and / or data and a conversion of the data format third-party system into the data format of the ACoRAM system. In the parser module PA is going too the needed Statistics about created the read data.

raw Data and statistics can stored in own databases of the ACoRAM system (not shown here) become. Depending on what confidence ranges in the statistical Distributions of raw data are accepted, this data can be changed. In the native database are also structural representations the technical equipment (in terms of reliability) as state block diagrams or state graphs stored.

Out the collected information of the parser module and the databases become the input parameters for the reliability calculation model determined. These are essentially default rates of individual components, subsystems or the entire system, repair rates of individual components, subsystems or the overall system to failure rates due to common cause, failure rates of components with self-diagnostics, where the failure was detected and failure rates of components with self-diagnosis, in which the failure was not detected.

The Input parameters are forwarded to the computing module RM, in based on the method of Markov minimal cuts below consideration the default probabilities due to common cause and the diagnostic detection degree the actual reliability parameter calculation he follows. It will be first a complete one State graph or a reliability block model a mini-section. Thereafter, a corresponding transition matrix built up. This is for example sent to an application server APPS of the external system ExS with mathematical software forwarded, where from the transition matrix, a system of differential equations for the temporal changes the probabilities of the individual states and numerically solved become.

The fourth module of this embodiment corresponds to an output unit GUI. It is one graphical user interface, based on HTML technology. It allows in conjunction with the WEB server WEGS the independence from the operating system and access to the ACoRAM system from several Users at the same time and a common user interface to Play the calculated reliability parameters.

In 5 is a flowchart illustrating the procedure for determining the reliability parameters when not only a prediction (prediction or prognosis) of the reliability parameters of an overall system is to be made, but also a verification, ie that after the calculation, a comparison between the calculated parameters with measured or off Process data determined field data takes place.

In an embodiment becomes the reliability calculation carried out in two phases:

1.) Prognosis:

This is already in the planning phase of a process control system possible. For that will be the structure of the process control system from the engineering system taken from a corresponding model in the form of a reliability block diagram or state graphs are built and the reliability parameters the modules are assigned "default values".

2.) Verification:

In In this phase, the values of the reliability parameters of the respective Modules from the process data or from the statistics with a Confidence interval determined. These field values of the reliability parameters are introduced to the calculation model. The results from the Verification phase will be with the results from the forecasting phase compared.

A possible starting point for the verification, which usually runs in several calculation cycles, is a system forecast (Box 1 in 5 ).

It then checks to see if there is a representative set of data and observations to determine the input parameters for the calculation model (Box 2 in 5 ). Essentially, this check applies only to the database designated here as field database FeldDB, in which process data and measured values obtained in the field near the process are stored. If insufficient data and observations are available in the field database FeldDB, the input parameters for the calculation model are taken from the default database DDB. The default database DDB, in which standard values from manuals and data sheets for the failure rates, repair rates, DC and CC factors for individual components EK are stored, has a constant data base. In the field database FeldDB, the failure rates, repair rates, DC and CC factors are stored according to the structure or hierarchy of the technical plant for individual components EK, for subsystems and the overall system. The field database FeldDB is in connection with the parser module PA. In this way, failure rates, repair rates, DC and CC factors can be stored in the field database, which have been taken from an I & C system or another ExS external system and converted into a native format. Before the actual reliability calculation (Box 3 . 5 ) first determines for which hierarchical level the reliability parameters are to be determined. As an example, it is assumed here that the failure rate for a subsystem of a technical installation should be calculated. The input parameters for the calculation model are always taken from the underlying hierarchy level. In accordance with this requirement, the failure rates, repair rates, DC and CCF factors of the individual components contained in the subsystem are taken from one or both databases as input parameters in the example under consideration. The calculation model then determines the desired failure rate of the subsystem for the section or sections of the subsystem under consideration by means of the Markov method modified according to the invention. Subsequently, a comparison between the theoretically calculated failure rate of the considered subsystem and the "field value" of the failure rate of the subsystem taken from the field database takes place (Box 4 . 5 ). With sufficient accuracy, ie if the two values lie within a given confidence interval, the theoretically calculated failure rate is output for the considered subsystem (Box 10 . 5 ). If the values deviate too much from each other, ie if the theoretically calculated value and the field value are not within a given confidence interval, then the calculation model must be further adjusted (Box 7 . 5 ). The adjustment of the calculation model essentially takes place by changing the DC and CCF factors. Since the CCF factor includes many other factors such as ambient temperature, stresses within a component or other component properties, these can be used as degrees of freedom for model adaptation. With the newly determined values of the DC and CCF factors, the calculation algorithm is run through again.

Claims (12)

Method for determining reliability parameters a technical facility, in which - from messages and / or data of individual components, subsystems of the technical facility or of the overall plant Input parameters for a reliability calculation model be determined, - that these input parameters include at least the following parameters: Failure rates of individual components or subsystems, repair rates of individual components or subsystems, failure rates due to common Cause, failure rates of components with self-diagnostics, in which the failure was detected and failure rates of components with Self-diagnosis, in which the failure was not detected, - by means of this input parameter and the calculation model of the method the Markov minimal cuts, taking into account default probabilities as a result of common cause and diagnostic coverage, reliability parameters (RAM) for a single component, a subsystem or an overall system of technical Be calculated based on these values, a prediction of the Reliability, Availability and maintainability of the technical equipment can be taken. Method according to claim 1, where the calculation the reliability parameter Following the steps of Markov minimal cuts having: - It becomes a reliability model formed by a logical structure of a subsystem of the technical facility set up after a top-down lineup, - Within The logical structure of the technical system becomes relevant minimal sections determined to a maximum of third order. - Within each cut be considered a confidence interval the input parameters for all components of the section determined and the corresponding rates determined. - means the input parameter becomes a state transition matrix for each Minimal cut determined. - means the state transition matrix a system of differential equations is created from which the Probability for the occurrence of the individual minimal sections is determined. - By Addition of all probabilities for the occurrence of a minimal cut is the probability of failure, the failure rate and repair rate of the subsystem. Method according to Claim 1 or 2, in which the calculation the reliability parameter during the Operation of the technical system takes place, the messages and / or Data of individual components, subsystems of the technical plant or the entire system can be determined online. Method according to Claim 1 or 2, in which the messages and / or data of individual components, subsystems of the technical Plant and the total plant field values correspond to the process from control systems of the technical system or in the field be won. Method according to claim 1 or 2, wherein the input parameters from default data from a database for the individual components of the technical facility are determined. Method according to one of claims 1 to 5, in which - the means of the calculation model theoretically calculated reliability parameters compared with previously determined field values, - theoretically calculated reliability parameters be issued if they and the field values within a given Accuracy interval are Method according to one of claims 1 to 5, in which - the means of the calculation model theoretically calculated reliability parameters compared with previously determined field values, - an adaptation performed the calculation model when the theoretically calculated reliability parameters and the Field values outside the given accuracy interval, - that the Calculation of reliability parameters followed by Comparison with the field values takes place until the theoretical calculated values and the field values within a given Accuracy interval are. Method according to claim 7, wherein the adaptation of the calculation model takes place by calculating the rates for recording the Probabilities of default due to common cause and the Diagnostic coverage changed become. System (ACoRAM) for the determination of reliability parameters for a technical installation, comprising - a first module (COM) for communication with databases and other systems (ExS) and components of the technical system for reading messages and / or data of the technical installation, - second module (PA) for determining input parameters for a reliability calculation model from the read messages and / or data, the input parameters at least failure rates of individual components or subsystems, repair rates of individual components or subsystems, common cause failure rates, failure rates of components with self-diagnosis, in which failure rate was detected, and failure rates of self-diagnosed components in which the failure was not detected include: - a calculation module (RM), using the input parameters based on one of the methods of Markov minimum cuts, taking into account Common cause and diagnostic detection failure probabilities Reliability parameter (RAM) for a single component, a Subsystem or a whole system of the technical system are calculated, - an output unit (GUI) as a graphical user interface for the reproduction of the calculated reliability parameters (RAM). System according to claim 9, characterized in that that a database is further included, in which for individual components, subsystems and the overall system empirical values of the input parameters are stored, and at least one further database, in which for individual components, subsystems and the entire system stores field values of the input parameters where the field values are plant data and error messages from the technical system. System according to one of the preceding claims, characterized characterized in that it is in the technical system to a I & C system and in the other systems to a Prozessführungs- and information system (OM) to a configuration system (ES), a Diagnosis System (DS) and / or an automation system (AS) is. System according to one of the preceding claims, characterized characterized in that the system is designed such a method according to one the claims 1 to 8.